Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/eON0px38O0ipUAXKM60unRMhjd0.roa
File: eON0px38O0ipUAXKM60unRMhjd0.roa (raw, json)
Hash identifier: YXr5vyIZo2rSGyfI7rSK40a7/4C9o2eBwmfbsyJF74c=
Subject key identifier: 78:E3:74:A7:1D:FC:3B:48:A9:50:05:CA:33:AD:2E:9D:13:21:8D:DD
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 06666A95
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/eON0px38O0ipUAXKM60unRMhjd0.roa
Signing time: Tue 10 May 2022 15:42:03 +0000
ROA not before: Tue 10 May 2022 15:42:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211961
IP address blocks: 193.111.249.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107375253 (0x6666a95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: May 10 15:42:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78e374a71dfc3b48a95005ca33ad2e9d13218ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:91:3e:54:e3:3b:b2:06:50:9d:a6:93:2b:9b:
67:b4:0e:a4:00:6b:dd:75:35:8f:10:3b:f2:82:af:
f8:02:03:1b:e7:c8:1e:31:a7:df:46:e8:27:3c:9c:
ea:b5:7a:37:8d:36:fc:95:a5:d5:2d:bf:0a:7d:3b:
43:51:c6:0c:89:25:d5:fa:13:72:81:64:44:82:46:
05:e7:2b:df:f4:17:b3:bb:a0:f2:03:66:dc:4b:0d:
37:02:81:1d:63:33:fd:bd:a9:b9:a2:29:d9:31:40:
4e:37:91:ba:dd:48:f7:e5:08:ab:f4:1c:83:65:c7:
7c:f8:72:0d:b7:d4:a0:fc:e0:78:cd:93:ee:fb:b8:
85:30:0b:8a:c4:1a:59:a7:a9:16:b2:69:9e:fa:04:
07:ed:65:5c:08:90:c5:3c:1e:01:05:e0:64:65:40:
27:ad:3a:b2:4c:90:87:58:83:90:5f:5d:e6:a6:be:
90:cc:66:3c:0d:06:23:37:d5:77:fd:45:71:48:b0:
b2:5d:df:0a:ab:54:58:0f:75:2b:2f:0e:3c:ed:d4:
1e:77:aa:a5:fd:d0:0a:c5:cd:a7:1e:d7:3c:55:29:
bd:4d:27:0f:00:0d:a6:de:e8:78:2c:60:9c:14:ce:
be:78:15:1f:da:4f:a8:45:fe:73:ea:77:b7:42:ac:
bd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E3:74:A7:1D:FC:3B:48:A9:50:05:CA:33:AD:2E:9D:13:21:8D:DD
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/eON0px38O0ipUAXKM60unRMhjd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.249.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:fb:50:e2:4b:55:0d:fe:24:9f:44:24:e3:c7:59:e9:1c:90:
75:bc:7b:59:7d:76:c5:ed:64:67:f0:01:17:4a:f4:f4:f9:07:
93:3b:18:be:b4:2b:e5:7c:5f:15:c7:cb:5d:b9:3d:13:10:27:
af:bb:26:e5:1a:5f:65:c0:eb:e8:3e:b4:3e:43:22:7f:6a:e7:
3c:df:f6:04:5a:81:a7:17:66:72:12:e5:eb:3d:fc:5f:6c:47:
55:15:dc:2b:76:51:b8:f0:2b:d8:27:cc:3f:09:1c:2c:c9:da:
15:90:45:d0:4b:c7:0f:e6:ac:45:b5:12:20:44:80:e9:71:55:
28:4b:ec:93:42:f5:58:a2:6f:4e:c3:6e:f9:79:cd:9b:8a:c2:
a5:be:9f:71:69:bc:08:d4:51:9e:55:6f:9f:8f:e8:34:31:ff:
02:72:5c:17:2a:c3:b2:94:1c:ae:cf:97:20:50:c9:64:82:3e:
3a:d5:08:05:72:80:16:f1:71:d5:ed:76:0b:61:0e:25:a1:ad:
6c:82:37:44:fc:01:48:90:69:a5:3b:b9:13:f0:c7:ee:b7:f5:
97:1c:56:13:cd:3d:08:67:33:2f:1e:5a:0e:57:85:a1:06:99:
d9:0e:ed:1c:ef:50:0a:87:1d:c9:d1:fc:22:46:74:ea:2a:e0:
ec:1d:76:d5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBmZqlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NjVlYmE1YzFhODBmODZhNDU4OTI3OGVkZDkzMDRiM2Y1MTY5ZjgzMB4XDTIyMDUx
MDE1NDIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzhlMzc0YTcxZGZj
M2I0OGE5NTAwNWNhMzNhZDJlOWQxMzIxOGRkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOmRPlTjO7IGUJ2mkyubZ7QOpABr3XU1jxA78oKv+AIDG+fI
HjGn30boJzyc6rV6N402/JWl1S2/Cn07Q1HGDIkl1foTcoFkRIJGBecr3/QXs7ug
8gNm3EsNNwKBHWMz/b2puaIp2TFATjeRut1I9+UIq/Qcg2XHfPhyDbfUoPzgeM2T
7vu4hTALisQaWaepFrJpnvoEB+1lXAiQxTweAQXgZGVAJ606skyQh1iDkF9d5qa+
kMxmPA0GIzfVd/1FcUiwsl3fCqtUWA91Ky8OPO3UHneqpf3QCsXNpx7XPFUpvU0n
DwANpt7oeCxgnBTOvngVH9pPqEX+c+p3t0KsvbsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR443SnHfw7SKlQBcozrS6dEyGN3TAfBgNVHSMEGDAWgBRGXrpcGoD4akWJ
J47dkwSz9RafgzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JsNjZYQnFBLUdwRmlTZU8zWk1Fc19VV240TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvYzEyYTdiLTVjYWYtNGU3Yy05NzBkLTVjNDc2ZTMzMjVmNS8x
L2VPTjBweDM4TzBpcFVBWEtNNjB1blJNaGpkMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
YzEyYTdiLTVjYWYtNGU3Yy05NzBkLTVjNDc2ZTMzMjVmNS8xL1JsNjZYQnFBLUdw
RmlTZU8zWk1Fc19VV240TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMFv+TANBgkqhkiG9w0BAQsFAAOC
AQEASvtQ4ktVDf4kn0Qk48dZ6RyQdbx7WX12xe1kZ/ABF0r09PkHkzsYvrQr5Xxf
FcfLXbk9ExAnr7sm5RpfZcDr6D60PkMif2rnPN/2BFqBpxdmchLl6z38X2xHVRXc
K3ZRuPAr2CfMPwkcLMnaFZBF0EvHD+asRbUSIESA6XFVKEvsk0L1WKJvTsNu+XnN
m4rCpb6fcWm8CNRRnlVvn4/oNDH/AnJcFyrDspQcrs+XIFDJZII+OtUIBXKAFvFx
1e12C2EOJaGtbII3RPwBSJBppTu5E/DH7rf1lxxWE809CGczLx5aDleFoQaZ2Q7t
HO9QCocdydH8IkZ06irg7B121Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:16 2025 by rpki-client